HackDig : Dig high-quality web security articles for hacker

Around July last year, more than 100 Israeli servicemen were hit by a cunning threat actor. The attack compromised their devices and exfiltrated data to the attackers’ command and control server. In addition, the compromised devices were pushed Trojan updates, which allowed the attackers to extend their capabilities. The operation remains active at t

Although they were never really gone, it looks like there is a rise in the number of malicious VBScripts in the wild. Maybe the similarity to VBA scripts and possible use in macros is responsible for the increased popularity. Let’s have a quick look at a few of them.
First some background
VBScript has been installed with every desktop version of Windows sin

A new book by two New York University professors offers a fresh perspective on how individuals and corporations can hide their more private information in plain sight. The book, “Obfuscation: A User’s Guide for Privacy and Protest,” surveys the more interesting historical examples of the notion and provides some interesting context for prac

DARPA is supporting researchers who seek innovations in software obfuscation to counter criminals who try to reverse engineer software.
DARPA (Defense Advanced Research Projects Agency) and a team of researchers are turning towards new methods to overcome reverse engineering by using obfuscation to secure government

Researchers with a DARPA-led team are looking into new ways to combat reverse engineering by using obfuscation to tidy up shoddy commercial and government security. Researchers with the unit, dubbed the SafeWare program, are hoping to develop new methods, bolstered by encryption, to obscure software code in hopes its further deployment can lead to “p

The espionage gang behind the MiniDuke backdoor uncovered by Kaspersky Lab and CrySyS Lab in 2013 has surfaced again with a new backdoor and attack platform that is used sparingly against only high-value targets. The new data theft tool, called Hammertoss, is a study not only in espionage capabilities, but also stealth and targeting. It’s been found so

Spam with a malicious taste: I haven’t seen in a while a well-done complex spam with a malicious payload. This one appears to be addressed to the first name of the email recipient. As you can see in the subject, it is addressed to “SORIN” since my email address is sorin.musta

This post is the third in a series, 12 Days of HaXmas, where we take a look at some of the more notable advancements and events in the Metasploit Framework over the course of 2014. Several months ago, Wei "sinn3r" Chen and I landed some improvements to Metasploit's JavaScript obfuscator, jsobfu. Most notably, we moved it out to its own repo and gem, wrapped i

First things first -- today is International Talk Like a Pirate Day, which is great for me, given my office decor. Arrr! So grab a flagon of grog, and read on, ye landlubbers! Updates to the Android Universal XSS bug (CVE-2014-6041): This has been a pretty busy week for us here in Metasploit Nation. You probably heard about Rafay Baloch's kind of massive

Obfuscated phishing sites are nothing new. Various techniques such as JavaScript encryption tools (which offer very primitive obfuscation), data URIs (where the page content is mostly Base64-encoded), and character escaping are often used. However, recently we have seen a phishing site using the Advanced Encryption Standard (AES). Figure 1. Page s

After going out of fashion for a number of years, malicious macros inside Office files have recently experienced a revival. And why not, especially if they are a lot cheaper than exploits and capable of doing the same job?
Yes, that's right, cybercriminals are busily recycling this old technique, introducing new obfuscation forms to make it more effective. L